Massive cyber attack hits US federal workers, probe focuses on China

Hackers broke into U.S. government computers, possibly compromising the personal data of 4 million current and former federal employees, and investigators were probing whether the culprits were based in China, U.S. officials said on Thursday.

In the latest in a string of intrusions into U.S. agencies’ high-tech systems, the Office of Personnel Management suffered what appeared to be one of the largest breaches of information ever on government workers. The office handles employee records and security clearances.

A U.S. law enforcement source told Reuters a “foreign entity or government” was believed to be behind the cyber attack. Authorities were looking into a possible Chinese connection, a source close to the matter said.

A Chinese Embassy spokesman in Washington said hypothetical accusations were irresponsible and counterproductive. He said it was hard to track hacker activity across borders.

The FBI said it had launched a probe and aimed to bring to account those responsible.

OPM detected new malicious activity affecting its information systems in April and the Department of Homeland Security said it concluded at the beginning of May that the agency’s data had been compromised and about 4 million workers may have been affected.

The agencies involved did not specify exactly what kind of information was accessed.

The breach hit OPM’s IT systems and its data stored at the Department of the Interior’s data centre, a shared service centre for federal agencies, a DHS official said on condition of anonymity. The official would not comment on whether other agencies’ data had been affected.

OPM had previously been the victim of another cyber attack, as have various federal government computer systems at the State Department, the U.S. Postal Service and the White House.

Chinese hackers were blamed for penetrating OPM’s computer networks in 2014, and hackers appeared to have targeted files on tens of thousands of employees who had applied for top-secret security clearances, theNew York Times reported in July 2014, citing unnamed U.S. officials.

“The FBI is working with our interagency partners to investigate this matter,” the bureau said in a statement. “We take all potential threats to public and private sector systems seriously, and will continue to investigate and hold accountable those who pose a threat in cyberspace.”

The U.S. government has long raised concerns about cyber spying and theft emanating from China and has urged Beijing to do more to curb the problem.

Chinese Embassy spokesman Zhu Haiquan said in reply to a Reuters query that China had made great efforts to combat cyber attacks.

“Jumping to conclusions and making (a) hypothetical accusation is not responsible,” and is “counterproductive,” Mr. Zhu said in emailed comments.

There was no comment from the White House.

Since the intrusion, OPM said it had implemented additional security precautions for its networks. It said it would notify the 4 million employees and offer credit monitoring and identity theft services to those affected.

“The last few months have seen a series of massive data breaches that have affected millions of Americans,” U.S. Representative Adam Schiff, the ranking Democrat on the House Permanent Select Committee on Intelligence, said in a statement.

He called the latest intrusion “among the most shocking because Americans may expect that federal computer networks are maintained with state-of-the-art defences”.

The largest federal employee union said it was working with the administration to ensure measures were taken to secure the personal information of affected employees.

“AFGE will demand accountability,” American Federation of Government Employees president J. David Cox Sr. said in a statement.

In April, President Barack Obama responded to a growing rash of attacks aimed at U.S. computer networks by launching a sanctions program to target individuals and groups outside the United States that use cyber attacks to threaten U.S. foreign policy, national security or economic stability.

The move followed indictments of five Chinese military officers who were charged with economic espionage. U.S. officials also pointed the finger directly at North Korea for a high-profile attack on Sony over a film spoof depicting the assassination of North Korea’s leader.

China has routinely denied accusations by U.S. investigators that hackers backed by the Chinese government have been behind attacks on U.S. companies and federal agencies.

Mr. Obama has moved cybersecurity toward the top of his 2015 agenda after recent breaches, and the White House says he raises the issue in meetings with Chinese President Xi Jinping.

U.S. military officials have become increasingly vocal about cyber espionage and attacks launched by China, Russia and other rivals. A Pentagon report in April said hackers associated with the Chinese government repeatedly targeted U.S. military networks in 2014 seeking intelligence.

In unveiling an updated cyber strategy last month, U.S. Defence Secretary Ash Carter singled out threats from Russia, China, Iran and North Korea and stressed the military’s ability to retaliate with cyber weapons.